package com.serverGroup.shiro;

import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.IncorrectCredentialsException;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authc.UnknownAccountException;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.crypto.hash.Md5Hash;
import org.apache.shiro.crypto.hash.SimpleHash;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.session.Session;
import org.apache.shiro.subject.PrincipalCollection;
import org.apache.shiro.subject.Subject;
import org.apache.shiro.util.ByteSource;
import org.springframework.beans.factory.annotation.Autowired;

import com.serverGroup.baseModule.bean.UserBean;
import com.serverGroup.baseModule.service.UserService;

public class LoginRealm extends AuthorizingRealm {

	@Autowired
	private UserService userService;
	
	private SessionDao sessionDao;
	/**
	 * shiro--用户授权
	 */
	@Override
	protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
		// TODO Auto-generated method stub
		return null;
	}

	/**
	 * shiro---用户验证的方法
	 */
	@Override
	protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
		// TODO Auto-generated method stub
		
		//从token中获取到的用户名称
		Object principal = token.getPrincipal();

		//这个是从token中获取到的密码
		Object credentials = token.getCredentials();
		
		//通过用户的传来的数据进行加密对比查看是否为该密码
		String password = new SimpleHash("MD5", credentials, ByteSource.Util.bytes(principal.toString()) ,1024).toString();
		
		UserBean user = userService.userLogin(principal.toString());
		
		if (!user.getUsername().equals(principal)) {
			throw new UnknownAccountException("用户不存在!");
		}
		
		if (!user.getPassword().equals(password)) {
			throw new IncorrectCredentialsException("密码错误");
		}
		
		//这里使用父类的方法，会返回该类的对象名称
		String realmName = getName();
		
		//盐值加密保证每个用户的盐值都不同采用用户名称的盐值进行加密
		ByteSource salt = ByteSource.Util.bytes(principal);
		
		SimpleAuthenticationInfo info = new SimpleAuthenticationInfo(principal, password, salt, realmName);
		Subject subject = SecurityUtils.getSubject();
		Session session = subject.getSession(true);
		session.setAttribute(principal.toString(), user);
		return info;
	}
	/**
	 * 
	 * Title: main
	 * Description: 用来测试盐值的加密后的值
	 * @param args
	 *//*
	public static void main(String[] args) {
		String hashAlgorithmName = "MD5";
		Object pwd ="123456";
		Object salt = ByteSource.Util.bytes("admin");
		int time = 1024;
		Object result = new SimpleHash(hashAlgorithmName, pwd, salt, time);
		System.out.println(result);
	}*/

	public UserService getUserService() {
		return userService;
	}

	public void setUserService(UserService userService) {
		this.userService = userService;
	}

	public SessionDao getSessionDao() {
		return sessionDao;
	}

	public void setSessionDao(SessionDao sessionDao) {
		this.sessionDao = sessionDao;
	}
	
}
